Register Login

sloganpng

top title background image

Semischolastica.js

Status: finished

Submission Time: 2023-05-26 11:23:19 +02:00

Malicious

Evader

Comments

Tags

Details

Analysis ID:
876155
API (Web) ID:
1243148
Analysis Started:

2023-05-26 11:25:36 +02:00
Analysis Finished:

2023-05-26 11:34:14 +02:00
MD5:
476fad0a9b9f0b665b416beb78b55cff
SHA1:
c5631292a9e8c5887e3674c819cd3ee4aab786dd
SHA256:
aa18039b1459c1054b2ead589186d0c3e1e02cdfebf5f4642e1b5cc13af8c104
Technologies:

Engines
IOCs

Joe Sandbox

Engine	Download Report	Detection	Info
	Full Report Management Report IOC Report	malicious Score: 92	System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01

Third Party Analysis Engines

Open Full Report

malicious

Score: 18/59

malicious

Score: 5/36

malicious

URLs

Name	Detection
http://nuget.org/NuGet.exe
https://github.com/imaya/zlib.js
http://pesterbdd.com/images/Pester.png
Click to see the 8 hidden entries
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
http://www.apache.org/licenses/LICENSE-2.0.html
https://go.micro
https://github.com/Pester/Pester
https://contoso.com/
https://nuget.org/nuget.exe
https://contoso.com/License
https://contoso.com/Icon

Dropped files

Name	File Type	Hashes	Detection
C:\ProgramData\WeigelasScribbleable.js	ASCII text, with very long lines (47992), with CRLF line terminators	#
C:\ProgramData\WeigelasScribbleable.js:Zone.Identifier	ASCII text, with CRLF line terminators	#
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\ModuleAnalysisCache	data	#
Click to see the 3 hidden entries
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive	data	#
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_eg3rnj2e.acv.psm1	very short file (no magic)	#
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_lsaixmmc.yur.ps1	very short file (no magic)	#